[
https://issues.apache.org/jira/browse/CXF-6660?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ethan Ma updated CXF-6660:
--------------------------
Description:
This is happening when using SamlTokenInterceptor to validate the inbound saml
token via WS-SecurityPolicy.
It seems that the crypto get back from SamlTokenInterceptor is always having
null PasswordEncryptor. The keystore password is not therefore decrypted
properly.
SamlTokenInterceptor.java line 320:
crypto = CryptoFactory.getInstance(properties);
was:
This is to validate the saml token via WS-SecurityPolicy.
It seems that the crypto get back from SamlTokenInterceptor is always having
null PasswordEncryptor. The keystore password is not decrypted properly.
SamlTokenInterceptor.java line 320:
crypto = CryptoFactory.getInstance(properties);
> SamlTokenInterceptor Jasypt decryption
> --------------------------------------
>
> Key: CXF-6660
> URL: https://issues.apache.org/jira/browse/CXF-6660
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
> Affects Versions: 3.1.3
> Environment: cxf 3.1.2, wss4j 2.1.2, spring boot 1.2.6
> Reporter: Ethan Ma
> Priority: Minor
>
> This is happening when using SamlTokenInterceptor to validate the inbound
> saml token via WS-SecurityPolicy.
> It seems that the crypto get back from SamlTokenInterceptor is always having
> null PasswordEncryptor. The keystore password is not therefore decrypted
> properly.
> SamlTokenInterceptor.java line 320:
> crypto = CryptoFactory.getInstance(properties);
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
